Security News > 2023 > February > NameCheap's email hacked to send Metamask, DHL phishing emails
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that attempted to steal recipients' personal information and cryptocurrency wallets.
The phishing campaigns started around 4:30 PM ET and originated from SendGrid, an email platform used historically by Namecheap to send renewal notices and marketing emails.
The phishing emails sent in this campaign are impersonating either DHL or MetaMask.
"We are writing to inform you that in order to continue using our wallet service, it is important to obtain KYC verification. KYC verification helps us to ensure that we are providing our services to legitimate customers," reads the MetaMask phishing email.
This email contains a marketing link from Namecheap that redirects the user to a phishing page pretending to be MetaMask.
If you received either a DHL or MetaMask phishing email tonight from Namecheap, immediately delete it and do not click on any links.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Beware: PayPal "New Address" feature abused to send phishing emails (source)
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Coinbase phishing email tricks users with fake wallet migration (source)
- Why it's time for phishing prevention to move beyond email (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)